On 03/15/2017 03:16 AM, Paolo Bonzini wrote:
> Commit eb7eeb8 ("memory: split address_space_read and
> address_space_write", 2015-12-17) made address_space_rw
> dispatch to one of address_space_read or address_space_write,
> rather than vice versa.
>
> For callers of address_space_read and address_space_write this
> causes false positive defects when Coverity sees a length-8 write in
> address_space_read and a length-4 (e.g. int*) buffer to read into.
> As long as the size of the buffer is okay, this is a false positive.
>
> Reflect the code change into the model.
>
> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
> ---
>  scripts/coverity-model.c | 17 +++++++++++++----
>  1 file changed, 13 insertions(+), 4 deletions(-)
> -MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, > - uint8_t *buf, int len, bool is_write) > +MemTxResult address_space_read(AddressSpace *as, hwaddr addr, > + MemTxAttrs attrs, > + uint8_t *buf, int len) > { > MemTxResult result; > - > // TODO: investigate impact of treating reads as producing > // tainted data, with __coverity_tainted_data_argument__(buf). > - if (is_write) __bufread(buf, len); else __bufwrite(buf, len); Old code did __bufread for reads, > + __bufwrite(buf, len); but the new does __bufwrite. > + return result; > +} > > +MemTxResult address_space_write(AddressSpace *as, hwaddr addr, > + MemTxAttrs attrs, > + const uint8_t *buf, int len) > +{ > + MemTxResult result; > + __bufread(buf, len); And __bufread for writes. Did you get this backwards? > return result; > } > > + > /* Tainting */ > > typedef struct {} name2keysym_t; > -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
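Review bot: the __bufwrite(buf, len) in address_space_read and the __bufread(buf, len) in address_space_write are named from buf's point of view, the opposite of the function names, and neither call carries a comment saying so. The pairing is the one the removed line already had (`if (is_write) __bufread(buf, len); else __bufwrite(buf, len);`), so the model's behaviour is unchanged, but a one-line comment in each function, for example "a read fills buf" and "a write consumes buf", would keep a later reader from taking it for a swap. The address_space_rw model is also deleted with no replacement; the commit message could say explicitly that calls through address_space_rw are now expected to be analysed from the real dispatcher down to these two models.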